Code Quality and Security Scanning

We use the following code quality and security scanning tools:

• golangci-lint and eslint for compile time linting
• CodeQL - for semantic code analysis
• codecov.io - for code coverage
• snyk.io - for image scanning
• sonarcloud.io - for code scans and security alerts

These are at least run daily or on each pull request.